Subway’s $3 million lesson in point-of-sale security

In a scheme dating back at least to 2008, a band of Romanian hackers is alleged to have stolen payment card data from the point-of-sale (POS) systems of hundreds of small businesses, including more than 150 Subway restaurant franchises and at least 50 other small retailers- The hackers are alleged to have gathered the credit and debit card data from over 80,000 victims. and over $3 million in fraudulent charges.

Small businesses’ poor security practices and reliance on common, inexpensive software packages to run their operations makes them easy pickings for large-scale scams like this one, The PCI Security Standards Council, which governs credit card and debit card payment systems security, requires two-factor authentication for remote access to POS systems—something the applications used by these retailers clearly didn’t have.

In the case of Subway restaurants, those requirements were provided to franchisees. but it seems that, some of the franchisees “directly and blatantly disregarded Subway’s security and POS configuration standards.

Synergy is a well established, solution provider across the Middle East region.
Synergy has a strong presence in several key verticals; Manufacturing, Construction, Hospitality Insurance, Financial Services, Government. Media, Oil and Gas, Distribution.
Synergy is particularly well known as a Gold Partner of both Infor Sunsystems, and Microsoft Dynamics Ax and for its implementation expertise and exceptional support. It is based centrally in Dubai in the Karama district since it was registered in 1991, and occupies a 7,000 sq ft office with around 80 full time employees.